Thursday, January 5, 2017

Allegations of Russian hacking face Senate Armed Services hearing

Sen. McCain

One of the least savory aspects of the 2016 presidential election was the allegation that the Russians, presumably under the direction of Vladimir Putin, had hacked into the Democratic Party’s computer servers to view email exchanges between, Hillary Clinton and her campaign manager, John Podesta, and other key people. While the hue and cry, was justified, the fallout in reactions seems to be less than expected; in some quarters, and while no discernible harm may have been done in terms of directly affecting the outcome of the election, cyber security has been compromised. A serious matter.

President-elect Donald Trump’s seeming indifference to the ramifications and his tweets that were essentially a dismissal, was consistent with this campaign style of ignoring the big topics, (and a willingness to discard what he didn’t understand), gave pause to even his supporters, but especially cybersecurity experts.. This is a concern for both business and government, and ignoring, or dismissing legitimate concerns can have fatal consequences for the nation.

The good news is, so far, that there has been no credible evidence that “the Russians won the election for the Republican candidate,” but nevertheless, the breach occurred, and the U.S. government has to respond. Yet, there are some naysayers around, and one of them is Elaine Ou, a blockchain engineer from San Francisco that says, in effect, “whoa, hold on a moment.” In a recent article she says: “Assessing a cyber attack is more art than science. Intelligence analysis deals with information that is often intentionally deceptive. As Central Intelligence Agency veteran Richards Heuer, Jr. explains, “The significance of information is always a joint function of the nature of the information and the context in which it is interpreted.”

Her thesis also betrays a bit of partisanship when she notes, “Extraordinary claims require extraordinary evidence, and the idea that a nuclear-armed state stole Democratic National Committee emails to interfere with the U.S. election is a pretty extraordinary claim. After all, multinational corporations have suffered much bigger data breaches at the hands of hackers with far fewer resources.”

Taking it even further she notes, at the end of her essay,”Intelligence agencies expect people to trust them, but they also have to earn that trust. It was only last Friday that President Obama ordered a review of potential election-related hacking. While the idea of Russian meddling might fit conveniently into the collective disbelief that Donald Trump could have won the election fairly, we should probably demand more evidence before freaking out.”

Ouch!

In response to the furor that the breach has entailed, on Thursday, “Senate Armed Services Chairman John McCain (R-Ariz.) held a long-awaited hearing Thursday with top intelligence officials on Russian cyber-aggression, after weeks of President-elect Donald Trump scoffing at their conclusions that Kremlin-backing hackers meddled in the 2016 election.”

The hearing also included testimony from Director of National Intelligence James Clapper and National Security Agency chief Michael Roger, and while the meeting reported more heat than fire, McCain called Russia's hacking "an unprecedented attack on our democracy” and suggested it would be "an attack on the United States of America" had Moscow's actions affected the results of the election. Still, he cautioned that “none of us believe" Russia had swayed the outcome, and Clapper said the intelligence community has no way to gauge how the hacking may have affected the electorate’s choices. “Whether or not that constitutes an act of war I think is a very heavy policy call that I don’t believe the intelligence community should make,” Clapper said. “But it's certainly — would carry, in my view, great gravity.”

Sen. Lindsay Graham, (R-SC) stressed that “I want to let the president-elect know it's OK to challenge the intel,” Graham said, adding: “But what I don't want you to do is undermine those who are serving our nation in this arena until you're absolutely sure they need to be undermined. And I think they need to be uplifted, not undermined.”

Mostly absent from the discussion has been that the U.S. does it too, as was embarrassingly revealed when it came to light, last year, that we were eavesdropping on the cell phone conversations of leaders of even such staunch allies as Germany’s Angela Merkel. This may be a case, for “do as I say, not as I do,” for some, but the glaring reality of these cyber breaches does not bode well for the future.

Aspects of  a new electronically based Cold War, at least with the Russians, as suspects, are now apparent. And the sanctions imposed by the Obama administration, including the expulsion of over 70 Russians, should be seen, too, in the context of the hacking believed to be by the Chinese into the Office of Personnel Management, although vigorously denied by their government officials, was also a serious cause for concern, with access to not only names, but biographical data of U.S. personnel files, that could be used for all manner of mean purpose. While there was no clear cut reason, established, to where, and how this information could be used, it was equally clear that there was a clear and present danger.

Senator Susan Collins, a Maine Republican, said the hackers were believed to be based in China, and as a member of the Senate intelligence committee, said the breach was “yet another indication of a foreign power probing successfully and focusing on what appears to be data that would identify people with security clearances”.

The future is problematic, especially with the brewing Trump and Putin “bromance”, and perhaps in light of it, the potential for more problems.. It also raises questions of whether Trump understands, or even appreciates, good intel, even after the horse has left the barn.
A look back reveals a pattern on breaches: in 2015 there was an “attack on the Internal Revenue Service (IRS) that compromised the details of 100,000 taxpayers.” At that time, “the IRS commissioner John Koskinen appeared before a Senate committee and blamed the attack on underfunding and the agency’s inability to keep up with increasingly sophisticated threats, according to the Guardian.

Another instance revealed that hackers had broken into the electronic files of the U.S. Department of Human Services, “when a former DHS contractor disclosed another cyber-breach that compromised the private files of more than 25,000 DHS workers and thousands of other federal employees.”

There are increased concerns, that if confirmed, Rex Tillerson, Trump’s nominee for secretary of state, with his large rolodex of foreign contacts, and not always the good guys, could expose the nation to the law of unintended consequences.

This intersection of technology and espionage is not going to go away, in fact it may intensify. One result of the OPM attack was the creation of the Cybersecurity National Action Plan. First publicly announced by President Obama in February 2016, it calls for billions to be set aside for several critical projects, such as upgrading outmoded systems,” noted Wired magazine, but most importantly a change for less focus on prevention, but also on the mitigation of the damage, and while still conducting necessary business, knowing that.


We have to operate knowing that they’re going to get inside sometimes. The question is, how do we limit their effectiveness and conduct secure business operations knowing they’re watching?,” says Rich Berger of ThreatConnect.
President Putin


These breaches are also a global concern and has technologists and experts looking for ways to secure their systems. In that vein, TechRepublic has said: “Last year consumer, corporate, and political targets were hammered by ransomware extortion attempts, phishing excursions, and DDoS attacks. Driven by this slew of high-profile attacks, cybersecurity has rapidly emerged as a priority in 2017 for enterprise companies and SMBs.”


A solution for America, many believe in, should be a multi-pronged attempt that includes limiting access, securing routine business, and recruiting the best talent from Silicon Valley to work as aides to the government, as possibly the better way to strengthen our cyber security. Critics and observers also say that we will have to stand outside of rhetoric for reality based solutions, like that suggested by Berger.


In a related story, just last month, the Associated Press reported that Yahoo had 1 billion user accounts hacked in 2013. They quote “security experts [who] said the 2013 attack was likely the work of a foreign government fishing for information about specific people. One big tell: It doesn't appear that much personal data from Yahoo accounts has been posted for sale online, meaning the hack probably wasn't the work of ordinary criminals.”


This Yahoo breach preceded another one in 2014, which was not disclosed till late last year, which seems to suggest that these breaches are on the rise and spreading even beyond government systems.

Russia has denied the allegations, yet Clapper, and others, say that the fingerprints of the former Soviet Union have been seen by others, that is, outside experts. Reuters also reported that “Clapper and the two other officials who testified, Admiral Mike Rogers, the director of the National Security Agency, and Marcel Lettre, the under secretary of defense for intelligence, did not say what made intelligence agencies confident Russia was behind the cyber attacks, but that conclusion was also reached by several private cyber security firms.”

No comments:

Post a Comment